authentication and data integrity
play

Authentication and Data Integrity Authentication with Symmetric - PowerPoint PPT Presentation

Oct 25, 2022 •1.36k likes •1.66k views

Cryptography Authentication and Data Integrity Aims of Authentication Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication with Hash Cryptography Functions Authentication with MACs School of

  1. Cryptography Authentication and Data Integrity Aims of Authentication Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication with Hash Cryptography Functions Authentication with MACs School of Engineering and Technology Digital Signatures CQUniversity Australia Prepared by Steven Gordon on 15 Apr 2020, auth.tex, r1850 1/27

  2. Cryptography Contents Authentication and Data Integrity Aims of Aims of Authentication Authentication Authentication with Symmetric Key Encryption Authentication with Symmetric Key Encryption Authentication with Hash Functions Authentication with MACs Authentication with Hash Functions Digital Signatures Authentication with MACs Digital Signatures 2/27

  3. Cryptography Attacks on Information Transfer Authentication and Data Integrity 1. Disclosure: encryption Aims of Authentication 2. Traffic analysis: encryption Authentication 3. Masquerade: message authentication with Symmetric Key Encryption 4. Content modification: message authentication Authentication with Hash 5. Sequence modification: message authentication Functions Authentication 6. Timing modification: message authentication with MACs 7. Source repudiation: digital signatures Digital Signatures 8. Destination repudiation: digital signatures 3/27

  4. Cryptography Aims of Authentication Authentication and Data Integrity ◮ Receiver wants to verify: Aims of 1. Contents of the message have not been modified ( data Authentication authentication ) Authentication with Symmetric 2. Source of message is who they claim to be ( source Key Encryption authentication ) Authentication ◮ Different approaches available: with Hash Functions ◮ Symmetric Key Encryption Authentication ◮ Hash Functions with MACs ◮ Message Authentication Codes (MACs) Digital Signatures ◮ Public Key Encryption (i.e. Digital Signatures) 4/27

  5. Cryptography Contents Authentication and Data Integrity Aims of Aims of Authentication Authentication Authentication with Symmetric Key Encryption Authentication with Symmetric Key Encryption Authentication with Hash Functions Authentication with MACs Authentication with Hash Functions Digital Signatures Authentication with MACs Digital Signatures 5/27

  6. Cryptography Symmetric Encryption for Authentication Authentication and Data Integrity Aims of Authentication Authentication with Symmetric Key Encryption Authentication Credit: Figure 12.1(a) in Stallings, Cryptography and Network Security , 5th Ed., Pearson 2011 with Hash Functions Authentication with MACs Digital Signatures 6/27

  7. Cryptography Recognising Correct Plaintext in English Authentication (question) and Data Integrity Aims of B receives ciphertext (supposedly from A , using shared Authentication secret key K ): Authentication with Symmetric DPNFCTEJLYONCJAEZRCLASJTDQFY Key Encryption B decrypts with key K to obtain plaintext: Authentication with Hash SECURITYANDCRYPTOGRAPHYISFUN Functions Was the plaintext encrypted with key K (and hence sent by Authentication with MACs A )? Is the ciphertext received the same as the ciphertext Digital Signatures sent by A ? 7/27

  8. Cryptography Recognising Correct Plaintext in English Authentication (question) and Data Integrity Aims of B receives ciphertext (supposedly from A , using shared Authentication secret key K ): Authentication with Symmetric QEFPFPQEBTOLKDJBPPXDBPLOOVX Key Encryption B decrypts with key K to obtain plaintext: Authentication with Hash FTUEUEFTQIDAZSYQEEMSQEADDKM Functions Was the plaintext encrypted with key K (and hence sent by Authentication with MACs A )? Is the ciphertext received the same as the ciphertext Digital Signatures sent by A ? 8/27

  9. Cryptography Recognising Correct Plaintext in Binary Authentication (question) and Data Integrity Aims of B receives ciphertext (supposedly from A , using shared Authentication secret key K ): Authentication with Symmetric 0110100110101101010110111000010 Key Encryption B decrypts with key K to obtain plaintext: Authentication with Hash 0101110100001101001010100101110 Functions Was the plaintext encrypted with key K (and hence sent by Authentication with MACs A )? Is the ciphertext received the same as the ciphertext Digital Signatures sent by A ? 9/27

  10. Cryptography Recognising Correct Plaintext Authentication and Data Integrity ◮ Many forms of information as plaintext can be Aims of recognised at correct Authentication ◮ However not all, and often not automatically Authentication with Symmetric Key Encryption ◮ Authentication should be possible without decryptor Authentication having to know context of the information being with Hash Functions transferred Authentication ◮ Authentication purely via symmetric key encryption is with MACs Digital Signatures insufficient ◮ Solutions: ◮ Add structure to information, such as error detecting code ◮ Use other forms of authentication, e.g. MAC 10/27

  11. Cryptography Contents Authentication and Data Integrity Aims of Aims of Authentication Authentication Authentication with Symmetric Key Encryption Authentication with Symmetric Key Encryption Authentication with Hash Functions Authentication with MACs Authentication with Hash Functions Digital Signatures Authentication with MACs Digital Signatures 11/27

  12. Cryptography Authentication by Hash and then Encrypt Authentication and Data Integrity Aims of Authentication Authentication with Symmetric Key Encryption Authentication with Hash Functions Credit: Figure in Stallings, Cryptography and Network Security , 5th Ed., Pearson 2011 Authentication with MACs Digital Signatures 12/27

  13. Cryptography Authentication by Encrypting a Hash Authentication and Data Integrity Aims of Authentication Authentication with Symmetric Key Encryption Authentication with Hash Functions Authentication Credit: Figure in Stallings, Cryptography and Network Security , 5th Ed., Pearson 2011 with MACs Digital Signatures 13/27

  14. Cryptography Attack of Authentication by Encrypting a Hash Authentication (exercise) and Data Integrity Aims of If a hash function did not have the Second Preimage Authentication Resistant property, then demonstrate an attack on the Authentication with Symmetric scheme in The figure on slide 13. Key Encryption Authentication with Hash Functions Authentication with MACs Digital Signatures 14/27

  15. Cryptography Authentication with Hash of a Shared Secret Authentication and Data Integrity Aims of Authentication Authentication with Symmetric Key Encryption Authentication with Hash Functions Credit: Figure in Stallings, Cryptography and Network Security , 5th Ed., Pearson 2011 Authentication with MACs Digital Signatures 15/27

  16. Cryptography Attack of Authentication with Hash of Shared Authentication Secret (exercise) and Data Integrity Aims of If a hash function did not have the Preimage Resistant Authentication property, then demonstrate an attack on the scheme in The Authentication with Symmetric figure on slide 15. Key Encryption Authentication with Hash Functions Authentication with MACs Digital Signatures 16/27

  17. Cryptography Contents Authentication and Data Integrity Aims of Aims of Authentication Authentication Authentication with Symmetric Key Encryption Authentication with Symmetric Key Encryption Authentication with Hash Functions Authentication with MACs Authentication with Hash Functions Digital Signatures Authentication with MACs Digital Signatures 17/27

  18. Cryptography Authentication with only MACs Authentication and Data Integrity Aims of Authentication Authentication with Symmetric Key Encryption Authentication with Hash Functions Credit: Figure in Stallings, Cryptography and Network Security , 5th Ed., Pearson 2011 Authentication with MACs Digital Signatures 18/27

  19. Cryptography Authentication using Encryption and a MAC Authentication and Data Integrity ◮ Common to what both confidentiality and Aims of authentication (data integrity) Authentication ◮ MACs have advantage over hashes in that if encryption Authentication with Symmetric Key Encryption is defeated, then MAC still provides integrity Authentication ◮ But two keys must be managed: encryption key and with Hash Functions MAC key Authentication ◮ Recommended algorithms used for encryption and MAC with MACs Digital Signatures are independent ◮ Three general approaches (following definitions), referred to as authenticated encryption 19/27

  20. Cryptography Encrypt-then-MAC (definition) Authentication and Data Integrity The sender encrypts the message M with symmetric key encryption, then applies a MAC function on the ciphertext. Aims of Authentication The ciphertext and the tag are sent, as follows: Authentication with Symmetric Key Encryption E ( K 1 , M ) || MAC ( K 2 , E ( K 1 , M )) Authentication with Hash Functions Two independent keys, K 1 and K 2 , are used. Authentication with MACs Digital Signatures 20/27

  21. Cryptography MAC-then-Encrypt (definition) Authentication and Data Integrity The sender applies a MAC function on the plaintext, appends the result to the plaintext, and then encrypt both. Aims of Authentication The ciphertext is sent, as follows: Authentication with Symmetric Key Encryption E ( K 1 , M || MAC ( K 2 , M )) Authentication with Hash Functions Authentication with MACs Digital Signatures 21/27

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Cryptography Authentication and Data Integrity Aims of Authentication Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication with Hash Cryptography Functions Authentication with MACs School of

613 views • 27 slides
Data Integrity & Authentication Message Authentication Codes (MACs) Goal Ensure integrity

Data Integrity & Authentication Message Authentication Codes (MACs) Goal Ensure integrity

Data Integrity & Authentication Message Authentication Codes (MACs) Goal Ensure integrity of messages, even in presence of an active adversary who sends own messages. Alice Bob (sender) (reciever) Fran (forger) Remark: Authentication

450 views • 31 slides
MESSAGE AUTHENTICATION 1 / 103 Integrity and authenticity The goal is to ensure that M

MESSAGE AUTHENTICATION 1 / 103 Integrity and authenticity The goal is to ensure that M

MESSAGE AUTHENTICATION 1 / 103 Integrity and authenticity The goal is to ensure that M really originates with Alice and not someone else M has not been modified in transit 2 / 103 Integrity and authenticity example Bob Alice (Bank)

1.31k views • 112 slides
1 Message Encryption- see Table 11.1 in the book Message Encryption if public-key encryption

1 Message Encryption- see Table 11.1 in the book Message Encryption if public-key encryption

Message Authentication CPE 542: CRYPTOGRAPHY & NETWORK SECURITY message authentication is concerned with: protecting the integrity of a message Chapter 11 Message Authentication and validating identity of originator Hash

462 views • 6 slides
Integrity Assurance in Resource-Bounded Systems through Stochastic Message Authentication Aron

Integrity Assurance in Resource-Bounded Systems through Stochastic Message Authentication Aron

2nd Symposium and Bootcamp on the Science of Security (HotSoS) April 21st, 2015 Integrity Assurance in Resource-Bounded Systems through Stochastic Message Authentication Aron Laszka, Yevgeniy Vorobeychik, and Xenofon Koutsoukos Institute for

404 views • 22 slides
Security 2 CSC 249 April 12, 2018 Network Security Recap Message Integrity and Authentication

Security 2 CSC 249 April 12, 2018 Network Security Recap Message Integrity and Authentication

Security 2 CSC 249 April 12, 2018 Network Security Recap Message Integrity and Authentication Trusted Intermediaries Secure email pretty good privacy (PGP) 2 1 Cryptographic Keys Alices Bobs K A encryption decryption K B key

427 views • 13 slides
Module 5: Implementing Data Integrity Overview Types of Data Integrity Enforcing Data

Module 5: Implementing Data Integrity Overview Types of Data Integrity Enforcing Data

Module 5: Implementing Data Integrity Overview Types of Data Integrity Enforcing Data Integrity Defining Constraints Types of Constraints Disabling Constraints Using Defaults and Rules Deciding Which Enforcement Method

260 views • 23 slides
Integrity and Authentication CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen,

Integrity and Authentication CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen,

Integrity and Authentication CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant Ho, Frank Li, Nathan Malkin, Mitar Milutinovic, Rishabh Poddar, Rebecca

862 views • 30 slides
Web Authentication Thierry Sans Several Methods Local authentication with login and password

Web Authentication Thierry Sans Several Methods Local authentication with login and password

Web Authentication Thierry Sans Several Methods Local authentication with login and password Token-based authentication Third party authentication Local Authentication How to store and verify password? Clear Data can be hacked

615 views • 14 slides
Integrity measurements for stronger cloud-based authentication John Zic 1 Thomas Hardjono 2 1

Integrity measurements for stronger cloud-based authentication John Zic 1 Thomas Hardjono 2 1

Integrity measurements for stronger cloud-based authentication John Zic 1 Thomas Hardjono 2 1 CSIRO Computational Informatics 2 MIT Kerberos and Internet of Trust Trust in the Digital World: Enabling the Economies of Trust Zic and

371 views • 19 slides
Data integrity protection Data integrity protection with cryptsetup tools with cryptsetup tools

Data integrity protection Data integrity protection with cryptsetup tools with cryptsetup tools

Centre for Research on Cryptography and Security research.redhat.com crocs.fi.muni.cz Data integrity protection Data integrity protection with cryptsetup tools with cryptsetup tools What is the Linux dm-integrity module and What is the

883 views • 25 slides
KILOBAR KILOBAR KILOBAR INTEGRITY KILOBAR KILOBAR KILOBAR KILOBAR INTEGRITY KILOBAR

KILOBAR KILOBAR KILOBAR INTEGRITY KILOBAR KILOBAR KILOBAR KILOBAR INTEGRITY KILOBAR

KILOBAR KILOBAR KILOBAR INTEGRITY KILOBAR KILOBAR KILOBAR KILOBAR INTEGRITY KILOBAR INTEGRITY INTEGRITY INTEGRITY INTEGRITY INTEGRITY INTEGRITY Blockchain & Security Ruth Crowell, Chief Executive Asia Pacific Precious Metals

460 views • 10 slides
Using LIMS to Drive Data Integrity in a Regulated Environment Dr David Hardy Technical Solutions

Using LIMS to Drive Data Integrity in a Regulated Environment Dr David Hardy Technical Solutions

Using LIMS to Drive Data Integrity in a Regulated Environment Dr David Hardy Technical Solutions Manager Digital Sciences The world leader in serving science Data Integrity Definitions Data Integrity: The degree to which a collection of data

432 views • 24 slides
MESSAGE AUTHENTICATION CODES and PRF DOMAIN EXTENSION Mihir Bellare UCSD 1 Integrity and

MESSAGE AUTHENTICATION CODES and PRF DOMAIN EXTENSION Mihir Bellare UCSD 1 Integrity and

MESSAGE AUTHENTICATION CODES and PRF DOMAIN EXTENSION Mihir Bellare UCSD 1 Integrity and authenticity The goal is to ensure that M really originates with Alice and not someone else M has not been modified in transit Mihir Bellare

989 views • 46 slides
AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

SECURITY TOPICS PART 2 AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is who they say they are and therefore permitted to access the requested resources: getting entrance to a computer lab

833 views • 44 slides
Crypto Conclusion (maybe) Message Authentication Codes Key Management Fall 2018 CS 334:

Crypto Conclusion (maybe) Message Authentication Codes Key Management Fall 2018 CS 334:

Crypto Conclusion (maybe) Message Authentication Codes Key Management Fall 2018 CS 334: Computer Security 1 Message Authentication message authentication is concerned with: protecting the integrity of a message Confirming

512 views • 48 slides
Systems: A ZFS Case Study Yupu Zhang , Abhishek Rajimwale Andrea C. Arpaci-Dusseau, Remzi H.

Systems: A ZFS Case Study Yupu Zhang , Abhishek Rajimwale Andrea C. Arpaci-Dusseau, Remzi H.

End-to-end Data Integrity for File Systems: A ZFS Case Study Yupu Zhang , Abhishek Rajimwale Andrea C. Arpaci-Dusseau, Remzi H. Arpaci-Dusseau University of Wisconsin - Madison 2/26/2010 1 End-to-end Argument Ideally, applications should

759 views • 29 slides
Reliable Byte-Stream (TCP) re-orders messages delivers duplicate copies of a given

Reliable Byte-Stream (TCP) re-orders messages delivers duplicate copies of a given

End-to-End Protocols Underlying best-effort network drop messages Reliable Byte-Stream (TCP) re-orders messages delivers duplicate copies of a given message limits messages to some finite size delivers messages after

303 views • 5 slides
The Internet Today Niko Matsakis Outline Summaries of: End-to-End Arguments in System

The Internet Today Niko Matsakis Outline Summaries of: End-to-End Arguments in System

The Internet Today Niko Matsakis Outline Summaries of: End-to-End Arguments in System Design The Design Principles of the DARPA Internet Protocols Criticisms and Commentary Conclusion The End-to-End Argument E2E

753 views • 49 slides
Securing software by enforcing data-flow integrity Manuel Costa Joint work with: Miguel Castro,

Securing software by enforcing data-flow integrity Manuel Costa Joint work with: Miguel Castro,

Securing software by enforcing data-flow integrity Manuel Costa Joint work with: Miguel Castro, Tim Harris Microsoft Research Cambridge University of Cambridge Software is vulnerable use of unsafe languages is prevalent most

288 views • 25 slides
PAYE Modernisation Thesaurus Webinar December 2019 Overview PAYE Modernisation Update

PAYE Modernisation Thesaurus Webinar December 2019 Overview PAYE Modernisation Update

PAYE Modernisation Thesaurus Webinar December 2019 Overview PAYE Modernisation Update Data Integrity Project myAccount Enhancements 2019 Employment Detail Summary Employee Statement of Liability Transition 2019/2020

707 views • 70 slides
Lecture 07: Race Conditions, Deadlock, Data Integrity The job - list - broken and job - list -

Lecture 07: Race Conditions, Deadlock, Data Integrity The job - list - broken and job - list -

Lecture 07: Race Conditions, Deadlock, Data Integrity The job - list - broken and job - list - fixed examples from the prior slide deck highlight a key issue that comes with the introduction of signals and signal handling. Neither job -

377 views • 10 slides
Cryptographic Hash Functions Debdeep Mukhopadhyay IIT Kharagpur Data Integrity

Cryptographic Hash Functions Debdeep Mukhopadhyay IIT Kharagpur Data Integrity

Cryptographic Hash Functions Debdeep Mukhopadhyay IIT Kharagpur Data Integrity Cryptographic Hash Function: Provides assurance of data integrity Let h be a hash function and x some data. The hash creates a fingerprint of the data,

564 views • 31 slides
AN INFORMATICS FRAMEWORK FOR TESTING DATA INTEGRITY AND CORRECTNESS OF FEDERATED BIOMEDICAL

AN INFORMATICS FRAMEWORK FOR TESTING DATA INTEGRITY AND CORRECTNESS OF FEDERATED BIOMEDICAL

AN INFORMATICS FRAMEWORK FOR TESTING DATA INTEGRITY AND CORRECTNESS OF FEDERATED BIOMEDICAL DATABASES Mijung Kim , 1 Tahsin Kurc, 2 Alessandro Orso, 1 Jake Cobb, 1 David Gutman, 2 Mary Jean Harrold, 1 Andrew Post, 2 Ashish Sharma, 2 Tony Pan, 2

303 views • 7 slides

More recommend